Book Image

CISA – Certified Information Systems Auditor Study Guide

By : Hemang Doshi
Book Image

CISA – Certified Information Systems Auditor Study Guide

By: Hemang Doshi

Overview of this book

Are you looking to prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor? The CISA - Certified Information Systems Auditor Study Guide is here to help you get started with CISA exam prep. This book covers all the five CISA domains in detail to help you pass the exam. You’ll start by getting up and running with the practical aspects of an information systems audit. The book then shows you how to govern and manage IT, before getting you up to speed with acquiring information systems. As you progress, you’ll gain knowledge of information systems operations and understand how to maintain business resilience, which will help you tackle various real-world business problems. Finally, you’ll be able to assist your organization in effectively protecting and controlling information systems with IT audit standards. By the end of this CISA book, you'll not only have covered the essential concepts and techniques you need to know to pass the CISA certification exam but also have the ability to apply them in the real world.
Table of Contents (19 chapters)
1
Section 1: Information System Auditing Process
4
Section 2: Governance and Management of IT
7
Section 3: Information Systems Acquisition, Development, and Implementation
10
Section 4: Information System Operations and Business Resilience
13
Section 5: Protection of Information Assets

Summary

In this chapter, we discussed various aspects of security awareness training and programs, security testing, and monitoring tools and techniques. We also learned to evaluate incident management policies and practices.

We also discussed how to evaluate evidence collection and the forensics process. Digital evidence can be used in legal proceedings provided it has been preserved in its original state. Evidence loses its integrity if the chain of custody is not maintained. The chain of custody refers to the process of identifying, preserving, analyzing, and presenting evidence in such a manner that it demonstrates the reliability and integrity of the evidence.

With this chapter, you have acquired the relevant skills and knowledge required to pass the CISA exam as well as perform IS audits. It is strongly recommended to refer the key aspects mentioned at the end of each topic and practice self-assessment questions in order to excel in the CISA exam.